Belgium 23-9-25 Squad Only Virtual english
Security teams are overwhelmed. Too many tools. Too many alerts. Too few people. And now, increasing pressure from the board to protect everything, everywhere, all the time. Expect honest reflection, shared strategies, and a conversation that cuts through compliance noise and focuses on what to do when your team is stretched and your risk is rising.
Read MoreBelgium 23-9-25 Invitation Only Physical english
In today's rapidly evolving digital landscape, the financial services industry in Belgium faces a critical juncture regarding its cloud adoption strategy. While the allure of cloud computing – with its promise of scalability, agility, and innovation – is undeniable, the unique regulatory demands and paramount need for data sovereignty present significant challenges. This CIONET roundtable, aims to bring together Digital Leaders from the Belgian financial sector to discuss how to navigate these complexities. We will explore how financial institutions can leverage cloud technologies while ensuring complete control over their data, maintaining compliance with stringent European regulations like GDPR and DORA, and mitigating geopolitical risks.
Read MoreBelgium 24-9-25 Invitation Only Physical english
As smart devices proliferate across operational environments — from sensors on factory lines and GPS trackers in logistics fleets to wearables in healthcare and connected systems in smart cities — the integration of Managed IoT (MiOT) is accelerating. But with it comes a surge in cybersecurity risks. No longer isolated or air-gapped, OT systems are becoming fully networked, remotely accessible, and deeply entwined with IT. This creates a vulnerable, highly complex digital mesh, one where a single compromised device can trigger physical, financial, and reputational consequences.
Read MoreSeptember 23, 2025 Squad Session Squad Only Virtual english
Security teams are overwhelmed. Too many tools. Too many alerts. Too few people. And now, increasing pressure from the board to protect everything, everywhere, all the time. Expect honest reflection, shared strategies, and a conversation that cuts through compliance noise and focuses on what to do when your team is stretched and your risk is rising.
Read MoreSeptember 30, 2025 Squad Session Squad Only Virtual english
Everyone has technical debt. The question is what to do with it. Refactor now? Wait for the next feature? Build on it and hope it holds? If you’re tired of debating whether to clean up or move on, this session helps you frame the debt conversation in a way that supports both speed and stability.
Read MoreOctober 2, 2025 Squad Session Squad Only Virtual english
Architecture doesn’t happen in diagrams. It happens in minds, seasoned, curious, sharp minds that understand how the pieces fit. But who’s shaping these minds? Who’s growing the next generation of digital architects? If you’re responsible for complex systems, and for the people designing them, this session is for you.
Read MoreHow Atlassian Enforces Best Practices in Its Cloud Infrastructure
How Atlassian Enforces Best Practices in Its Cloud Infrastructure
INTRODUCTION
This is an updated version of an October 2019 post from the ATLASSIAN Community – How Atlassian enforces Best Practices in its Cloud Infrastructure. Link to original blog post.
The majority of Atlassian’s business runs on Amazon Web Services (AWS). Due to the large scale of our infrastructure, we allow for teams to manage their own changes without a centralised review. Atlassian operates on a “trust, but verify” model: We promote a set of best practices and guidelines for teams to follow and we then check that these best practices are being implemented. Where the target is missed, we help the team readjust.
The most widely known example are S3 buckets that are publicly available and can be accessed by anyone. Countless companies have been caught off guard by accidentally putting confidential information in public buckets. It has prompted Amazon to offer additional safeguards in the form of bucket-level overrides to deny any sort of public object, acknowledging the severity of this problem.
At Atlassian, we have added a new tool to our vulnerability management belt so we can assist teams in following the best practices we have established: Trend Micro Cloud One™ – Conformity which specialises in continuously scanning the configuration of cloud infrastructure.
While they offer support for multiple cloud providers as well as checks for all five pillars of the well-architected framework, we use the tool for its “Security” checks for AWS.
ADOPTION
Nearly all of our AWS accounts are being scanned on an hourly basis and the results are reported to the security team. To enable our developers to move fast and remove security as a gatekeeper we didn’t stop there, though. Instead, we integrated Cloud One - Conformity with our vulnerability pipeline which files Jira tickets for any findings we discover through these scans. Our developers live and breathe Jira day in, day out, so surfacing this information here is much more natural for them than having to look for these findings in some third party tool or needing security as an intermediary.
Anyone who has ever tried to deploy a security scanner inside an organisation knows that they are never set-and-forget. Instead, they require fine-tuning to ensure they only produce meaningful results. Every enterprise environment is different and particularly at scale, edge cases exist that scanners would not anticipate. For example, our internal PaaS enforces a set of best practices that have been developed in collaboration with the security team. Some of the configurations that come out of this are secure in this context, but the scanner will still report on them because they generally wouldn’t be. As a result, we spent some time refining the set of rules we care about.
In our first iteration, we decided to focus on our highest severity AWS accounts. These accounts hold our customers' data or manage our infrastructure, for example our CI/CD. In addition, we narrowed down the initial set of rules to those we consider high severity. We then spent some time working closely with those teams that own these important AWS accounts to ensure all findings provide a meaningful security benefit. Based on this feedback, we adjusted the configuration of our rules to fit right into our organisation. Only for this subset of accounts & rules are we creating Jira tickets, as we have verified the quality of these findings.
The next iteration has already started and is expanding out the scope of accounts having Jira tickets created as well as including more rules that are being reviewed. Eventually, all our AWS accounts will be under our security SLA and every check will have been reviewed and configured to the specifics of our environment.
We also continue working closely with the Conformity team, who are responsive to our feedback and quickly fix any bugs we discover in their product. They are great at including our feature requests in their roadmap and always keep us informed on when work is starting on anything we care about. This way, we keep increasing the value their service provides to us which directly translates into an ever increasing security posture.
When the security researcher “benmap” presented at DEF CON 27 recently, the community learned just how vulnerable public EBS volumes can leave a company, reminding everyone that not just S3 buckets can be made public and contain sensitive information. Naturally, we investigated our own environment for such public volumes. Since Conformity was already actively scanning all of our accounts, we were able to perform a fast investigation that gave a complete picture of all public volumes and we could quickly confirm that none of them contained any sensitive information. In addition, we will be alerted to any future volumes that are being made public and can ensure we are not exposing any sensitive information through them.
As a helpful side-effect these scans provide a forcing function for teams to go into their own environments and clean up any stale resources left over from development experiments. Atlassian enables our developers to iterate quickly, try out new features and innovate on our services. As a security team, we are responsible for making sure that these experiments happen within a suitable environment and in a way that don’t put customer data at risk. Part of this responsibility is making sure that unused resources are being cleaned up and Conformity helps us achieve this. We notify developers about resources with insecure configurations and sometimes developers realise they do not need those resources anymore and delete them.
With a tool like Trend Micro Cloud One - Conformity in our arsenal, we now have ongoing assurance that our cloud infrastructure is in a good and secure state.
We go beyond just vulnerabilities and use it to actually enforce best practices, which ensures our cloud security posture is best of breed.
89 Views 1 Likes Read More
Digital Transformation is redefining the future of health care and health delivery. All stakeholders are convinced that these innovations will create value for patients, healthcare practitioners, hospitals, and governments along the patient pathway. The benefits are starting from prevention and awareness to diagnosis, treatment, short- and long-term follow-up, and ultimately survival. But how do you make sure that your working towards an architecturally sound, secure and interoperable health IT ecosystem for your hospital and avoid implementing a hodgepodge of spot solutions? How does your IT department work together with the other stakeholders, such as the doctors and other healthcare practitioners, Life Sciences companies, Tech companies, regulators and your internal governance and administrative bodies?
Read MoreThe Telenet Business Leadership Circle powered by CIONET, offers a platform where IT executives and thought leaders can meet to inspire each other and share best practices. We want to be a facilitator who helps you optimise the performance of your IT function and your business by embracing the endless opportunities that digital change brings.
Read MoreDécouvrez la dynamique du leadership numérique aux Rencontres de CIONET, le programme francophone exclusif de CIONET pour les leaders numériques en Belgique, rendu possible grâce au soutien et à l'engagement de nos partenaires de programme : Deloitte, Denodo et Red Hat. Rejoignez trois événements inspirants par an à Liège, Namur et en Brabant Wallon, où des CIOs et des experts numériques francophones de premier plan partagent leurs perspectives et expériences sur des thèmes d'affaires et de IT actuels. Laissez-vous inspirer et apprenez des meilleurs du secteur lors de sessions captivantes conçues spécialement pour soutenir et enrichir votre rôle en tant que CIO pair. Ne manquez pas cette opportunité de faire partie d'un réseau exceptionnel d'innovateurs numériques !
Read MoreCIONET is committed to highlighting and celebrating female role models in IT, Tech & Digital, creating a leadership programme that empowers and elevates women within the tech industry. This initiative is dedicated to showcasing the achievements and successes of leading women, fostering an environment where female role models are recognised, and their contributions can ignite progress and inspire the next generation of women in IT. Our mission is to shine the spotlight a little brighter on female role models in IT, Tech & Digital, and to empower each other through this inner network community.
Read MoreWould you like to know more about CIONET Belgium, membership or partnership opportunities? Do you have feedback or any other question? Send us a message!
You can either send us a registered handwritten letter explaining why you'd like to become a member or you can simply talk to us right here!